Am I at risk if I disable UAC?
To understand the ramifications of disabling UAC (User Account Control of Windows Vista), let's consider the threats it is supposed to protect us from. Here is what Microsoft has to say about it on their User Account Control Overview page:
"The main goal of User Account Control is to reduce the exposure and attack surface of the operating system by requiring that all users run in standard user mode. This limitation minimizes the ability for users to make changes that could destabilize their computers or inadvertently expose the network to viruses through undetected malware that has infected their computer."
In other words, if a virus infects your computer, UAC is designed to reduce its impact on the operating system. While that's a good thing, note that UAC does not prevent your computer from being infected with viruses in the first place; it can only reduce the possible damage caused by the infection. It means that we still have to have anti-virus and anti-spyware software running on our computers (and keep them up to date!). And let's not forget about the firewall: it's just as important as antivirus for keeping your computer out of reach of the bad guys.
Let's re-read Microsoft's statement once again. Note that UAC is not designed to protect your personal files from viruses; it only protects the operating system. That is, if a virus gets into your computer with UAC enabled, it will still have the full ability to damage your documents, or to collect all email addresses from your address book and send email messages to everyone pretending to be you, and so on. Even if your files are encrypted, a virus will have full access to them just like you do, even if it runs with the limited privileges of a standard user. Think of it this way: everything you can do with your computer as a standard user, a virus can do, too, and UAC cannot stop that on its own.
But if UAC protects the operating system from the virus, that must be a good thing, right? Of course it is, but while preventing viruses from attaching to system files was important in the old pre-Internet days, viruses no longer spread themselves that way: when was the last time you copied a system DLL onto a floppy and gave it to a friend who asked you to help him repair his installation of Windows?
As for limiting the ability of a virus to start automatically every time Windows Vista starts (another activity UAC is designed to protect against), such ability gives the virus almost no advantage, because restarting a Vista computer is a very rare event (after it is initially configured and set up). Even if you press the Turn off button on the Start Menu and then turn the computer back on, the regular operating system restart does NOT occur: Vista simply hibernates the computer and then wakes it up, rather than going through the complete restart routine. It means that it may be days or weeks or even months before Vista actually gets restarted, and all this time a virus in your computer can be active and operational, even without the ability to install itself to auto-run on Windows restart. So, even if UAC keeps the virus from doing that, it does not prevent the virus from running for extended periods of time.
And let's keep things in perspective: what is more embarrassing, having a virus send a bunch of emails in your name to every address in your address book, or having it attach itself to a system DLL? Or, what is more damaging, a virus erasing your documents or installing itself to run automatically at Windows start-up? Guess what: I could not care less about the operating system; I can reinstall it from scratch any time I want. Sure, it would take a couple of days and cause a lot of frustration to reinstall Windows and all the applications I use and to configure everything the way I want, but it's still a lot less stress than trying to recover my files damaged by a virus before I had a chance to back them up, or explaining to my friends how come I've started sending them body-part enlargement offers.
Let me reiterate once again: to be protected from viruses, we still need anti-virus software and a firewall, because that's where the real protection is, no matter whether UAC is enabled or not.
One area where UAC can actually serve a useful purpose is, as stated on the Microsoft web page I mentioned above, to minimize the ability of users to destabilize their systems by making changes to the global settings of their computers. This is a good thing for users who get new computers with administrative accounts set up for them by default, but who do not have enough computer knowledge and experience to make significant changes to the global computer settings. In such a case, UAC can keep the user from messing up his or her system, for the user's own good. However, even in this case the effectiveness of UAC is limited: once the user learns to click on the Allow button to continue with the task, after a while he or she will be clicking on it automatically, without paying much attention to the text of the message. And that opens a possibility for malware to trick the user into allowing it to run with administrative privileges: after all, can you expect an average user to read and analyze the text on the elevation prompt every time it pops up on the screen?
Another area where UAC could be of use is when Vista is installed on a public computer, where anyone can walk up to the computer and mess it up. However, that's what limited user accounts are for: you would be insane to allow everyone to access a public computer via an administrative account, even with UAC enabled on it! That means that even for public computers UAC is essentially a useless addition.
So, would it be wise for you to disable UAC? Ultimately, it's for you to decide whether the thin layer of extra protection that UAC provides is worth the extra annoyance it adds to your work. Hopefully, this article will help you make the right choice.
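An added example, not part of the original article: a read-only PowerShell check of the two things the discussion above turns on, namely whether UAC is enabled and how it prompts, and whether the account you are logged on with is an administrator or a standard user. The registry value names are the standard Windows UAC policy values; the function name Get-UacPosture and the wording of the findings are made up for this example.

```powershell
# Added example: read-only audit of the local UAC policy and the current logon.
# Get-UacPosture is a made-up name; the registry values are the standard
# Windows UAC policy values. Nothing is modified.
function Get-UacPosture {
    $key    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $policy = Get-ItemProperty -Path $key -ErrorAction Stop

    # Is this process holding a full administrator token right now?
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $adminRole = [Security.Principal.WindowsBuiltInRole]::Administrator
    $elevated  = $principal.IsInRole($adminRole)

    # With UAC on, an unelevated admin holds BUILTIN\Administrators
    # (S-1-5-32-544) only as a deny-only group, so IsInRole() says false.
    # whoami still lists the SID, which reveals the account type.
    $isAdminAccount = [bool]((whoami /groups /fo csv /nh) -match 'S-1-5-32-544')

    $findings = @()
    if ($policy.EnableLUA -eq 0) {
        $findings += 'UAC is disabled: programs started by an administrator get full rights with no prompt.'
    }
    if ($policy.ConsentPromptBehaviorAdmin -eq 0) {
        $findings += 'Administrators elevate silently: no prompt is ever shown.'
    }
    if ($policy.PromptOnSecureDesktop -eq 0) {
        $findings += 'Prompts appear on the normal desktop instead of the secure desktop.'
    }
    if ($isAdminAccount) {
        $findings += 'This is an administrator account: one click on Allow grants full rights. Use a standard account for daily or shared use.'
    }
    if ($elevated) {
        $findings += 'This session is already elevated: everything launched from it is too.'
    }

    New-Object PSObject -Property @{
        UacEnabled         = ($policy.EnableLUA -ne 0)
        AdminPromptSetting = $policy.ConsentPromptBehaviorAdmin
        SecureDesktop      = ($policy.PromptOnSecureDesktop -ne 0)
        AdminAccount       = $isAdminAccount
        Elevated           = $elevated
        Findings           = $findings
    }
}

Get-UacPosture | Format-List
```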
DISCLAIMER: THIS INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.